Skip to content

Commit 489ce3d

Browse files
joefarebrotherjoefarebrother
authored
Merge pull request github#12049 from joefarebrother/netty-models
Java: Model the Netty framework
2 parents 6d91458 + 48823ae commit 489ce3d

File tree

141 files changed

+12427
-169
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

141 files changed

+12427
-169
lines changed

java/ql/lib/change-notes/2023-02-28-netty.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
---
2+
category: minorAnalysis
3+
---
4+
* Added sources and flow step models for the Netty framework up to version 4.1.

java/ql/lib/ext/io.netty.buffer.model.yml

Lines changed: 212 additions & 0 deletions
Large diffs are not rendered by default.

java/ql/lib/ext/io.netty.channel.model.yml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,3 +12,9 @@ extensions:
1212
- ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-generated"]
1313
- ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress,ChannelPromise)", "", "Argument[0]", "open-url", "ai-generated"]
1414
- ["io.netty.channel", "DefaultChannelPipeline", False, "connect", "(SocketAddress,SocketAddress)", "", "Argument[0]", "open-url", "ai-generated"]
15+
- addsTo:
16+
pack: codeql/java-all
17+
extensible: sourceModel
18+
data:
19+
- ["io.netty.channel", "ChannelInboundHandler", True, "channelRead", "", "", "Parameter[1]", "remote", "manual"]
20+
- ["io.netty.channel", "SimpleChannelInboundHandler", True, "channelRead0", "", "", "Parameter[1]", "remote", "manual"]

java/ql/lib/ext/io.netty.handler.codec.base64.model.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: summaryModel
5+
data:
6+
- ["io.netty.handler.codec.base64", "Base64", True, "decode", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
7+
- ["io.netty.handler.codec.base64", "Base64", True, "encode", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
8+

java/ql/lib/ext/io.netty.handler.codec.http.cookie.model.yml

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: summaryModel
5+
data:
6+
- ["io.netty.handler.codec.http.cookie", "Cookie", True, "domain", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
7+
- ["io.netty.handler.codec.http.cookie", "Cookie", True, "name", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
8+
- ["io.netty.handler.codec.http.cookie", "Cookie", True, "path", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
9+
- ["io.netty.handler.codec.http.cookie", "Cookie", True, "value", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
10+
- ["io.netty.handler.codec.http.cookie", "Cookie", True, "setDomain", "(String)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
11+
- ["io.netty.handler.codec.http.cookie", "Cookie", True, "setPath", "(String)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
12+
- ["io.netty.handler.codec.http.cookie", "Cookie", True, "setValue", "(String)", "", "Argument[0]", "Argument[this]", "taint", "manual"]
13+
- ["io.netty.handler.codec.http.cookie", "ServerCookieDecoder", True, "decode", "(String)", "", "Argument[0]", "ReturnValue.Element", "taint", "manual"]
14+
- ["io.netty.handler.codec.http.cookie", "ServerCookieDecoder", True, "decodeAll", "(String)", "", "Argument[0]", "ReturnValue.Element", "taint", "manual"]
15+
- ["io.netty.handler.codec.http.cookie", "ServerCookieEncoder", True, "encode", "(Cookie)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
16+
- ["io.netty.handler.codec.http.cookie", "ServerCookieEncoder", True, "encode", "(Cookie[])", "", "Argument[0].ArrayElement", "ReturnValue.Element", "taint", "manual"]
17+
- ["io.netty.handler.codec.http.cookie", "ServerCookieEncoder", True, "encode", "(Collection)", "", "Argument[0].Element", "ReturnValue.Element", "taint", "manual"]
18+
- ["io.netty.handler.codec.http.cookie", "ServerCookieEncoder", True, "encode", "(Iterable)", "", "Argument[0].Element", "ReturnValue.Element", "taint", "manual"]
19+
- ["io.netty.handler.codec.http.cookie", "ServerCookieEncoder", True, "encode", "(String,String)", "", "Argument[1..2]", "ReturnValue", "taint", "manual"]

java/ql/lib/ext/io.netty.handler.codec.http.model.yml

Lines changed: 82 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,83 @@
11
extensions:
2-
- addsTo:
3-
pack: codeql/java-all
4-
extensible: sinkModel
5-
data:
6-
- ["io.netty.handler.codec.http", "DefaultFullHttpRequest", True, "DefaultFullHttpRequest", "(HttpVersion,HttpMethod,String,ByteBuf)", "", "Argument[2]", "open-url", "ai-generated"]
7-
- ["io.netty.handler.codec.http", "DefaultHttpRequest", True, "DefaultHttpRequest", "(HttpVersion,HttpMethod,String)", "", "Argument[2]", "open-url", "ai-generated"]
8-
- addsTo:
9-
pack: codeql/java-all
10-
extensible: summaryModel
11-
data:
12-
- ["io.netty.handler.codec.http", "QueryStringEncoder", True, "QueryStringEncoder", "(String)", "", "Argument[0]", "Argument[this]", "taint", "ai-generated"]
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["io.netty.handler.codec.http", "DefaultFullHttpRequest", True, "DefaultFullHttpRequest", "(HttpVersion,HttpMethod,String,ByteBuf)", "", "Argument[2]", "open-url", "ai-generated"]
7+
- ["io.netty.handler.codec.http", "DefaultHttpRequest", True, "DefaultHttpRequest", "(HttpVersion,HttpMethod,String)", "", "Argument[2]", "open-url", "ai-generated"]
8+
- addsTo:
9+
pack: codeql/java-all
10+
extensible: summaryModel
11+
data:
12+
- ["io.netty.handler.codec.http", "QueryStringEncoder", True, "QueryStringEncoder", "(String)", "", "Argument[0]", "Argument[this]", "taint", "ai-generated"]
13+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "add", "", "", "Argument[this]", "ReturnValue", "value", "manual"]
14+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "add", "(CharSequence,Iterable)", "", "Argument[0]", "Argument[this].Element.MapKey", "taint", "manual"]
15+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "add", "(CharSequence,Iterable)", "", "Argument[1].Element", "Argument[this].Element.MapValue", "taint", "manual"]
16+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "add", "(CharSequence,Object)", "", "Argument[0]", "Argument[this].Element.MapKey", "taint", "manual"]
17+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "add", "(CharSequence,Object)", "", "Argument[1]", "Argument[this].Element.MapValue", "taint", "manual"]
18+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "add", "(String,Iterable)", "", "Argument[0]", "Argument[this].Element.MapKey", "value", "manual"]
19+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "add", "(String,Iterable)", "", "Argument[1].Element", "Argument[this].Element.MapValue", "taint", "manual"]
20+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "add", "(String,Object)", "", "Argument[0]", "Argument[this].Element.MapKey", "value", "manual"]
21+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "add", "(String,Object)", "", "Argument[1]", "Argument[this].Element.MapValue", "taint", "manual"]
22+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "add", "(HttpHeaders)", "", "Argument[0].Element.MapKey", "Argument[this].Element.MapKey", "value", "manual"]
23+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "add", "(HttpHeaders)", "", "Argument[0].Element.MapValue", "Argument[this].Element.MapValue", "taint", "manual"]
24+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "addInt", "(CharSequence,int)", "", "Argument[this]", "ReturnValue", "value", "manual"]
25+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "addInt", "(CharSequence,int)", "", "Argument[0]", "Argument[this].Element.MapKey", "value", "manual"]
26+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "addShort", "(CharSequence,short)", "", "Argument[this]", "ReturnValue", "value", "manual"]
27+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "addShort", "(CharSequence,short)", "", "Argument[0]", "Argument[this].Element.MapKey", "value", "manual"]
28+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "copy", "()", "", "Argument[this].Element.MapKey", "ReturnValue.Element.MapKey", "value", "manual"]
29+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "copy", "()", "", "Argument[this].Element.MapValue", "ReturnValue.Element.MapValue", "value", "manual"]
30+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "entries", "()", "", "Argument[this].Element.MapKey", "ReturnValue.Element.MapKey", "value", "manual"]
31+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "entries", "()", "", "Argument[this].Element.MapValue", "ReturnValue.Element.MapValue", "value", "manual"]
32+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "get", "", "", "Argument[this].Element.MapValue", "ReturnValue", "value", "manual"]
33+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "get", "", "", "Argument[1]", "ReturnValue", "value", "manual"]
34+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "getAll", "", "", "Argument[this].Element.MapValue", "ReturnValue.Element", "value", "manual"]
35+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "getAllAsString", "", "", "Argument[this].Element.MapValue", "ReturnValue.Element", "value", "manual"]
36+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "getAsString", "", "", "Argument[this].Element.MapValue", "ReturnValue", "value", "manual"]
37+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "getHeader", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
38+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "getHeader", "", "", "Argument[2]", "ReturnValue", "value", "manual"]
39+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "getHost", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
40+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "getHost", "", "", "Argument[1]", "ReturnValue", "value", "manual"]
41+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "iteratorAsString", "()", "", "Argument[this].Element.MapKey", "ReturnValue.Element.MapKey", "value", "manual"]
42+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "iteratorAsString", "()", "", "Argument[this].Element.MapValue", "ReturnValue.Element.MapValue", "value", "manual"]
43+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "iteratorCharSequence", "()", "", "Argument[this].Element.MapKey", "ReturnValue.Element.MapKey", "taint", "manual"]
44+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "iteratorCharSequence", "()", "", "Argument[this].Element.MapValue", "ReturnValue.Element.MapValue", "taint", "manual"]
45+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "names", "()", "", "Argument[this].Element.MapKey", "ReturnValue.Element", "value", "manual"]
46+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "newEntity", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
47+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "remove", "", "", "Argument[this]", "ReturnValue", "value", "manual"]
48+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "set", "", "", "Argument[this]", "ReturnValue", "value", "manual"]
49+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "set", "(CharSequence,Iterable)", "", "Argument[0]", "Argument[this].Element.MapKey", "taint", "manual"]
50+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "set", "(CharSequence,Iterable)", "", "Argument[1].Element", "Argument[this].Element.MapValue", "taint", "manual"]
51+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "set", "(CharSequence,Object)", "", "Argument[0]", "Argument[this].Element.MapKey", "taint", "manual"]
52+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "set", "(CharSequence,Object)", "", "Argument[1]", "Argument[this].Element.MapValue", "taint", "manual"]
53+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "set", "(String,Iterable)", "", "Argument[0]", "Argument[this].Element.MapKey", "value", "manual"]
54+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "set", "(String,Iterable)", "", "Argument[1].Element", "Argument[this].Element.MapValue", "taint", "manual"]
55+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "set", "(String,Object)", "", "Argument[0]", "Argument[this].Element.MapKey", "value", "manual"]
56+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "set", "(String,Object)", "", "Argument[1]", "Argument[this].Element.MapValue", "taint", "manual"]
57+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "set", "(HttpHeaders)", "", "Argument[0].Element.MapKey", "Argument[this].Element.MapKey", "value", "manual"]
58+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "set", "(HttpHeaders)", "", "Argument[0].Element.MapValue", "Argument[this].Element.MapValue", "taint", "manual"]
59+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "setAll", "(HttpHeaders)", "", "Argument[this]", "ReturnValue", "value", "manual"]
60+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "setAll", "(HttpHeaders)", "", "Argument[0].Element.MapKey", "Argument[this].Element.MapKey", "value", "manual"]
61+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "setAll", "(HttpHeaders)", "", "Argument[0].Element.MapValue", "Argument[this].Element.MapValue", "taint", "manual"]
62+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "setInt", "(CharSequence,int)", "", "Argument[this]", "ReturnValue", "value", "manual"]
63+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "setInt", "(CharSequence,int)", "", "Argument[0]", "Argument[this].Element.MapKey", "value", "manual"]
64+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "setShort", "(CharSequence,short)", "", "Argument[this]", "ReturnValue", "value", "manual"]
65+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "setShort", "(CharSequence,short)", "", "Argument[0]", "Argument[this].Element.MapKey", "value", "manual"]
66+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "valueStringIterator", "(CharSequence)", "", "Argument[this].Element.MapValue", "ReturnValue.Element", "value", "manual"]
67+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "valueCharSequenceIterator", "(CharSequence)", "", "Argument[this].Element.MapValue", "ReturnValue.Element", "taint", "manual"]
68+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "toString", "", "", "Argument[this].Element.MapKey", "ReturnValue", "taint", "manual"]
69+
- ["io.netty.handler.codec.http", "HttpHeaders", True, "toString", "", "", "Argument[this].Element.MapValue", "ReturnValue", "taint", "manual"]
70+
# Currently all write steps to http messages are taint flow. It may reduce FPs to use a synthetic field for headers instead.
71+
- ["io.netty.handler.codec.http", "HttpMessage", True, "headers", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
72+
- ["io.netty.handler.codec.http", "LastHttpContent", True, "trailingHeaders", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
73+
- ["io.netty.handler.codec.http", "HttpRequest", True, "getUri", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
74+
- ["io.netty.handler.codec.http", "HttpRequest", True, "uri", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
75+
- ["io.netty.handler.codec.http", "HttpRequest", True, "setUri", "", "", "Argument[0]", "Argument[this]", "taint", "manual"]
76+
- ["io.netty.handler.codec.http", "QueryStringDecoder", True, "QueryStringDecoder", "", "", "Argument[0]", "Argument[this]", "taint", "manual"]
77+
- ["io.netty.handler.codec.http", "QueryStringDecoder", True, "decodeComponent", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
78+
- ["io.netty.handler.codec.http", "QueryStringDecoder", True, "parameters", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
79+
- ["io.netty.handler.codec.http", "QueryStringDecoder", True, "path", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
80+
- ["io.netty.handler.codec.http", "QueryStringDecoder", True, "rawPath", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
81+
- ["io.netty.handler.codec.http", "QueryStringDecoder", True, "rawQuery", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
82+
- ["io.netty.handler.codec.http", "QueryStringDecoder", True, "toString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
83+
- ["io.netty.handler.codec.http", "QueryStringDecoder", True, "uri", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]

0 commit comments

Comments
 (0)